Warning

The content on this page has been converted from PDF to HTML format using an artificial intelligence (AI) tool as part of our ongoing efforts to improve accessibility and usability of our publications. Note:

  • No human verification has been conducted of the converted content.
  • While we strive for accuracy errors or omissions may exist.
  • This content is provided for informational purposes only and should not be relied upon as a definitive or authoritative source.
  • For the official and verified version of the publication, refer to the original PDF document.

If you identify any inaccuracies or have concerns about the content, please contact us at [email protected].

Feedback Statement and Impact Assessment - Practice Note 28

Street view of a city with shops lining a cobblestone street, people walking, and a tall gothic church tower visible in the background.

The FRC does not accept any liability to any party for any loss, damage or costs howsoever arising, whether directly or indirectly, whether in contract, tort or otherwise from any action or decision taken (or not taken) as a result of any person relying on or otherwise using this document or arising from any omission from it.

© The Financial Reporting Council Limited 2026

The Financial Reporting Council Limited is a company limited by guarantee. Registered in England number 2486368. Registered Office: 13th Floor, 1 Harbour Exchange Square, London, E14 9GE

Contents

1. Introduction

1The Financial Reporting Council (FRC) is committed to acting as a proportionate and principles-based regulator. It balances the need to minimise the impact of regulatory requirements on business, while working to support the delivery of high-quality audit and assurance work, to maintain investor and wider stakeholder confidence in audit and assurance.

2In July 2025, the FRC issued an invitation for stakeholders to comment on a draft Practice Note setting out guidance for audits of small and medium-sized entities (SMEs). Practice Notes (PNs) contain non-prescriptive guidance that is intended to help auditors apply the ISAs (UK) in particular circumstances and sectors.

3This PN was intended to help practitioners take advantage of the opportunities for scalability in the International Standards on Auditing (ISAs) (UK) when auditing SMEs. The guidance was not intended to be applicable to more complex audits or for the audit of large companies. It is not applicable to the audit of small or medium sized entities that are public interest entities.

4The overarching intention for the guidance is to support practitioners in designing and delivering effective, quality audits of SMEs that focus on risk rather than compliance. We believe that encouraging greater proportionality by auditors through this PN will have a positive impact on many smaller and medium enterprises by clarifying the benefits that come with an audit and potentially reduce perceptions around burdens on businesses. Using a risk-based audit approach along with the scalability provisions in ISAs (UK) allows for the better tailoring of an audit to an audited entity. This in turn allows the application of a more efficient audit approach.

5The purpose of the consultation was to seek stakeholder views in respect to the proposed guidance, and to identify any areas in which it could be improved. We received a total of 23 responses. The next section summarises the feedback received and our responses. These fall into two categories:

  1. Answers to the four specific questions in our call for feedback; and
  2. Significant other matters raised by respondents.

6The feedback received during the consultation process has been used to revise the exposure draft. The resulting guidance – Practice Note 28: Guidance for audits of small and medium-sized entities – has been issued by the FRC alongside this feedback statement.

2. Summary of feedback and FRC response

Overall summary

We received responses from 23 respondents, from a range of stakeholders as set out below.

Table 1: Overview of responses received

Category of Respondent Number of Respondents
Firms (including a group of firms) 13
Professional bodies 6
Methodology providers 2
Representative groups 1
Individuals 1

The feedback to each of the four questions posed in the consultation document, along with the FRC's response, is set out below. In addition, two other significant matters that were raised with respondents are discussed, namely:

  • The ISA for Less Complex Entities (LCE), and
  • Relevant ethical requirements for audits of SMEs.

Question 1 – Do you support the development of the PN, and do you believe it will help give practitioners the confidence to apply the ISAs (UK) in a scalable and proportionate manner for the audits of smaller and/or less complex entities?

Summary of feedback

Many respondents welcomed the the FRC's interest in the operation of this segment of the audit market. Respondents went on to express a spectrum of views about the PN itself, ranging from very supportive to opposition. The most commonly expressed view was a supportive one, though this was usually accompanied by caveats. The most common reservations were:

  • The guidance was insufficient to bring about significant changes in audit practice in this segment of the audit market. Many respondents argued that the ISAs (UK) lack inherent capacity for scalable and proportionate application, and that only measures that would allow auditors to move away from these standards would address the issues that the PN seeks to address. These included adoption of the ISA for LCE that has been issued by the International Accounting Standards Board (IAASB).
  • The guidance needed further development if it was to successfully support auditors to apply the auditing standards in a scalable and proportionate manner. The feedback here expressed a desire for further examples, as well as expanding other examples to reflect the real-world practicalities of auditing smaller entities. Some responses also requested material that would in effect dispense with audit procedures which they felt were not proportionate for smaller entities.

Of those that were supportive of the principle of the PN, a significant number considered that the guidance could be improved. It was recommended that the scope should be clarified: in particular the interaction between complexity and size, and the process for determining and documenting the extent to which an entity falls within the scope of the PN. Additionally there were requests for greater clarity over procedures that the auditor need not perform and more specific guidance on common areas where auditors are unsure how much documentation is needed. Many of the responses also included considerable amounts of helpful and constructive feedback on the PN.

One respondent specifically referred to risk aversion as a barrier to practitioners applying the ISAs (UK) in a scalable and proportionate manner and noted that a PN alone may not be enough to change their behaviour. Another suggested that regulatory uncertainty over which entities are in scope meant that the guidance should be mandated for audits of certain entities.

FRC response

The FRC acknowledges the challenges involved in scaling the ISAs (UK) to SMEs but does not agree that they are fundamentally non-scalable. The PN seeks to highlight areas where it may be appropriate for auditors to apply less extensive procedures to SMEs.

The FRC believes that dedicated guidance provides the most effective means of supporting practitioners in the scalable and proportionate application of the ISAs (UK) to SMEs. This is best achieved by leveraging the pre-existing application material within the ISAs (UK) and demonstrating how they might be applied to such entities. It also avoids the risks associated with alternative remedies.

The ISAs (UK) are intended to be applied to all entities, regardless of size or complexity. The concepts of scalability and proportionality are inherent to the ISAs (UK), and are linked with the extent of complexity within the entity being audited. The auditor needs to use professional judgement to determine the extent of complexity within an entity when identifying risks of material misstatement and calibrating appropriate responses to those risks. While there is a relationship between size and complexity, some larger entities may be less complex while some smaller entities may be more complex. It would therefore be inappropriate to mandate the PN for certain classes of entity. Instead, the guidance aims to give practitioners the confidence to apply their professional judgement to achieve scalable and proportionate application of auditing requirements.

To better reflect this emphasis, the title of the PN has been amended to 'Guidance for audits of small and medium-sized entities'. This further emphasises the FRC's vision that this guidance may have broader applicability.

The constructive feedback received through the consultation process has also been used to re-work the PN. In particular, the number of examples within the PN has been increased, with a greater emphasis upon the real-world challenges of auditing SMEs. Further detail is provided in the discussion of each consultation question that follows.

The FRC's position on the ISA for LCE is set out in the section on other matters raised by respondents to this consultation. This section also describes the FRC's inability to remove specific ISA (UK) requirements. However, we recognise that it may be difficult to identify where sufficient audit work has been performed to meet a specific requirement, leading to additional unncessary procedures. In response, we have sought to provide further scenarios within the PN where the auditor might scale their work appropriately to conclude that they had met the requirements of the auditing standards. In developing the PN, and in responding to feedback, we have also engaged with audit inspectors in the RSBs who carry out inspections of audits of this type – their insight has been important in helping to finalise this PN.

Question 2 – Do you believe the PN addresses the issues arising in the SME market sector when it comes to audit?

Summary of feedback

A mixed response was provided by respondents on whether the PN addressed issues arising in the SME market sector when it comes to audit. Some respondents noted that the PN provides support on performing these audits. However, others were concerned that the status of the PN as guidance would have limited to no impact on how audits of SMEs are performed. Of these respondents, several noted that they would have a preference to modify the ISAs (UK) to highlight their scalability.

Furthermore, respondents noted that the PN would not be sufficient to address all issues identified in the SME market sector relating to audit. For example, it would not be possible to address concerns such as talent attraction and retention, emerging technology, competition and the expectations of stakeholders.

FRC response

The PN is intended to support the practitioners in applying the ISAs (UK) in a scalable and proportionate way. Its status as guidance means that the PN does not alter or remove requirements of the ISAs (UK) but is aimed to highlight opportunities for auditors to calibrate their procedures to SMEs.

The PN aims to highlight where scalability exists in the ISAs (UK) to provide confidence in applying scalable and proportionate audit methodology for small and medium-sized entity audits. The scope of the PN is limited to the application of the ISAs (UK) to the performance of individual audits. As such, it cannot meet all emerging issues in the market sector. The FRC's SME Market Study is intended to consider these issues and suggest appropriate remedies for these problems. Moreover, the FRC is continually working with stakeholders to understand and respond to issues where it can through initiatives such as the Audit Firm Scalebox, the Audit and Assurance Sandbox, and the Innovation and Improvement Hub.

Question 3 – Are there other ISAs (UK) or specific requirements within ISAs (UK) that you believe this PN should provide guidance in their application to the audit of small and/or less complex entities?

Summary of feedback

Respondents generally agreed that the key focus of the PN should be on the following ISAs (UK):

  • ISA (UK) 315 'Identifying and Assessing the Risks of Material Misstatement'.
  • ISA (UK) 540 'Auditing Accounting Estimates and Related Disclosures'.
  • ISA (UK) 570 'Going Concern'.
  • ISA (UK) 240 'The Auditor's Responsibilities Relating to Fraud in an Audit of Financial Statements'.

However, respondents suggested that the material could be improved by increasing the number and complexity of examples, and by addressing the problems posed by a lack of engagement in the audit process by directors and/or management.

Respondents also suggested that the PN could include material on how to apply the Provisions Available for Audits of Small Entities (PAASE) included with the FRC's Ethical Standard (ES), as well as considerations for firms in relation to their systems of quality management. Some respondents also suggested specific material on audit responses to assessed risks of material misstatement, related parties, and on reporting to management and those charged with governance at the conclusion of the audit. There were also requests for more practical indications of what an auditor does not need to include in an audit file, as well as guidance on how to apply technology to audits of SMEs.

FRC response

The FRC is grateful for the engagement with and constructive criticism of the exposure draft that it received from several respondents. Some of the feedback related to areas in the auditing standards which are largely procedural, or on matters which are not appropriately addressed through published guidance. In addition, the scope of the PN is focused on the application of the auditing standards in the context of an individual audit engagement. The FRC has therefore not included guidance on firm-level matters such as how to apply the ES with respect to the provision of non-audit services to audited entities, or with respect to its system of quality management.

The FRC recognises the challenges faced by practitioners in many of these areas. We will continue to explore other means whereby auditors can be supported to apply professional judgement and enable proportionate and scalable application of the ISAs (UK) to SMEs. These include future initatives for the FRC's Audit and Assurance Sandbox. The FRC has also separately published guidance on the application of technology, including AI, to audit.

Additional material has been included in the PN following feedback. A new section on concluding the audit includes material on reporting at the end of the audit, and material has also been included in relation to assessing and responding to identified risks of material misstatement in connection with related parties.

Detailed comments that explain how the material in the exposure draft has been amended to enhance specific sections in the revised PN in response to constructive feedback are set out below.

Scoping

A number of respondents were in favour of a clearer articulation of scope, with some advocating for the PN to be mandated for specific classes of entities defined in law e.g. small companies as defined by the Companies Act. Potential regulatory challenges from the subjective application of judgement by the auditor was identified as a barrier. Some responses also suggested that the PN could be expanded to include examples of how the PAASE section of the ES could be applied to audits of small entities, and considerations relating to firm-level systems of quality management.

As discussed above, the title of the PN has been amended to 'Guidance for audits of small and medium-sized entities'. Proportionality considerations and opportunities for scalability arise in particular for areas where this is less complexity. The PN also now gives greater prominence to qualitative indicators of a lack of complexity, and includes material to identify a number of specific types of small and medium-sized entities which may be most likely to display these indicators. These changes clarify the scope of the document, and clearly sets out that the identification of the extent of complexity for an entity requires practitioners to apply professional judgement.

The FRC does not believe that mandating the guidance for specific types of entity is appropriate, since this may not correspond to the degree of complexity within the entity. Indeed, guidance itself cannot be mandatory, as it cannot be used to set relevant requirements. As the scope has been set to the application of the ISAs (UK) to the performance of an audit, consideration of how an audit firm may provide non-audit services to an audited entity, or how it might operate its system of quality management, would not be appropriate matters to include within the PN.

Materiality

Respondents requested that we include indicative quantitative materiality ranges for SMEs; reference a more relevant category of entity in our materiality example and provide further material on performance materiality.

In response to feedback received, we have replaced the entity in our materiality example with one that is more relevant, and revised the section on performance materiality to reduce repetition of the auditing standards and focus on the auditor's judgement in relation to aggregation risk. We have not quantified appropriate materiality ranges, though we have added a note to caution that the materiality thresholds referenced in the 2017 FRC materiality thematic were observed on FTSE 350 audits, and may not be an appropriate reference point for audits of entities outside of this group.

Risk assessment

Respondents highlighted the need for clearer, more scalable guidance on risk assessment, particularly in situations where controls are informal, undocumented, or limited within smaller entities. They noted that auditors would benefit from more direction on evaluating the design and implementation of relevant controls, understanding and documenting general IT controls in simple IT environments, and determining proportionate procedures when considering the system of internal control.

In response, we have refined the guidance to make clear that risk assessment and related documentation for SMEs should be proportionate and focused only on areas where risks of material misstatement are genuinely elevated. We clarified that, where factors such as the entity's environment, accounting policies or the control environment do not give rise to heightened risk, auditors may document this briefly. The section now more clearly explains how auditors can tailor their understanding of the entity, exercise judgement in simple control environments, and avoid unnecessary evaluation of controls beyond journals where appropriate. We also clarified the interaction between inherent and control risk, improved explanations around design and implementation work, and removed or amended wording that could imply excessive documentation or testing.

Finally, we have added a new example in the PN (Box 7) to show how auditors assess risks of material misstatement along the spectrum of inherent risk across common audit areas in SMEs, and how they can briefly document the professional judgement supporting those assessments to keep audit responses proportionate and appropriately focused.

Responses to assessed risks

Respondents requested further examples of how to appropriately respond when there is a lower risk of material misstatement and suggested that we mention that data analytics may enhance the proportionality and efficiency of audits.

In response to feedback received, we have written an example to illustrate potential responses to risk in a range of scenarios (Box 13). We have also noted that the performance of data analytics may lead to lower sample sizes and greater efficiency.

Going concern

Respondents requested clearer guidance on how auditors should approach going concern in the SME environment, in particular where management does not prepare a formal going concern assessment. The feedback emphasised the need for the PN to better reflect the practical realities of audits of smaller entities and to clarify how auditors can obtain sufficient appropriate audit evidence in these circumstances.

In response to the feedback, we have refined the guidance to better explain how auditors might begin their work through discussions with management where formal assessments are not initially available, while also highlighting that under the financial reporting framework the responsibility for preparing the going concern assessment rests with management. We have also strengthened proportionality messaging in the PN, including additional signposting to the relevant application material in ISA (UK) 570.

Several respondents noted that the illustrative examples provided could be made more realistic for SMEs, with some requesting additional scenarios and others cautioning against excessive detail. Targeted adjustments have been made to the illustrative examples to improve clarity and ensure they demonstrate the intended principles. However, we have not expanded the examples significantly, as the PN is not intended to provide prescriptive or exhaustive case studies.

Fraud

Respondents noted the need for additional guidance on the rebuttal of the significant risk of fraud in revenue recognition and over the considerations when responding to the risk of management override of control through journals testing. One respondent requested additional information to be included on the use of technology tools, specifically where the auditor does not have advanced data analytics tools.

In response to feedback received, we have enhanced the guidance on the auditor's risk assessment due to fraud in revenue recognition, including enhancement of the guidance on when it may be appropriate to rebut the presumed risk. The assessment to rebut the risk of fraud in revenue recognition is an auditor judgement that is supported through the robust risk assessment process performed and that is documented based on the auditor's assessment and considerations. We have also included a non-exhaustive list of example indicators of when it may be appropriate to rebut the risk of fraud in revenue recognition to help provide guidance to the auditor.

Further, we have provided additional clarity on how the auditor identifies journals for testing, including linkage to the requirements of ISA (UK) 315 to understand the journals process and internal controls over journals and the use of automated tools and techniques in selecting journals for testing.

Accounting estimates

Respondents requested more practical examples, in particular covering situations where a greater level of judgement is required and providing examples of testing approaches to accounting estimates. In response to this feedback, we have provided more detailed examples of risk assessment factors and possible audit responses for two accounting estimates. For each of these estimates, we have addressed how changes in circumstances surrounding the estimate may impact the risk assessment and audit response. Additionally, we have provided examples of circumstances in which the auditor may determine that there is no risk of material misstatement in respect of an accounting estimate.

Group audit considerations

Respondents noted the need for greater clarity and relevance in the example and for guidance on the direction and supervision of a component auditor. In response to this feedback, we have replaced the example with one that focuses on the group auditor's involvement in the work of the component auditor.

Respondents requested additional guidance on the use of letters of support to evidence recoverability of intercompany balances and the going concern status of individual subsidiaries. In response, we have added a section addressing interdependency between group entities. Additionally, we have addressed documentation requirements where the group auditor performs all work to support the group audit opinion.

Question 4 – Are the examples included within the PN and the Appendix helpful or could they be enhanced? Are there other scenarios that we could include in the final version of the PN?

Summary of feedback

While many respondents felt that the examples were helpful, a common articulated view was that the examples represented idealised scenarios which did not reflect the everyday difficulties of dealing with directors or management who were not engaged with the audit process, and where audit evidence was not presented on a timely basis and was not of an appropriate quality. Many respondents also requested a wider range of examples within the PN, such as the rebuttable risk of fraudulent revenue recognition. Others requested greater conditionality in the examples, to show how auditors' application of professional judgement could vary between different scenarios. There were also calls for examples to reflect regulatory findings from inspections on areas where improvements could be made.

While some respondents viewed the Appendix as helpful, many did not and stated that it was too simplistic to be of use to audit practitioners. In particular, the presentation of extracts from an audit file resulted in a great deal of commentary on what what ought to have been included. In addition, many respondents felt that the presentation of the examples did not reflect the software environments in which auditors compile audit files. Some respondents advocated for the inclusion of a complete set of planning documentation to illustrate practical application of the PN's principles.

FRC response

The FRC recognised that there was scope to improve both the nature and number of examples included with the PN. During the post-consultation revision process, we enagaged constructively with feedback to include new examples that helped illustrate the underlying principles of scalability and proportionality. These include new ‘boxes' that discuss:

  • how the spectrum of inherent risk links to specific risks of material misstatement (Box 7);
  • how responses to risks of material misstatement vary according to its assessment on the spectrum of inherent risk (Box 13); and
  • a specific example around rebutting the risk of revenue recognition (Box 8).

The discussion of individual sections of the PN in the response to Question 3 gives further details on how other examples have been developed in response to feedback.

We decided to delete the Appendix and include new examples in the main body of the PN. While the Appendix was intended to exemplify the principles developed within the PN, in practice its status as extracts from an audit file relating to an entity in a specific sector proved to be a distraction from those principles.

We have not pursued suggestions to include a full set of planning documents, present the examples in a fashion that replicates an audit software environment, or to reflect recent regulatory findings arising from inspections. We believe that doing so would distract from the key messages of the PN. Anchoring the guidance in the circumstances of a specific audit would result in a large amount of irrelevant contextual material and greatly add to the length of the PN, thereby reducing its useability to practitioners. The FRC also wishes to avoid publishing material which could be interpreted as supporting a specific presentation approach for audit documentation. Finally, while the maintenance of audit quality is an underlying aim for this guidance, we consider that there are other more appropriate avenues for regulatory findings to be communicated to practitioners and subsequently remediated rather than by means of a PN.

Significant other matters raised by respondents

The International Standard on Auditing for Audits of Financial Statements of Less Complex Entities

The FRC is the Competent Authority for Audit in the UK and as such has the authority to determine the technical standards to be applied for statutory audits of companies in accordance with the Companies Act 2006.

Many respondents questioned why the FRC does not adopt the International Standard on Auditing for Audits of Financial Statements of Less Complex Entities (ISA for LCE) that was issued by the IAASB in December 2023, or at least initiate a public discussion on how it could be introduced into the UK. Some of those respondents suggested that if the ISA for LCE was not considered by the FRC to meet the needs of UK SME audits, with some agreement that as drafted it did not, the FRC could adapt it to address the shortcomings.

Part A of the ISA for LCE sets out its scope. It includes illustrative qualitative characteristics of an LCE and clear statements that the standard has not been designed to address:

  • Complex matters or circumstances relating to the nature and extent of the entity's business activities, operations and related transactions and events relevant to the preparation of the financial statements.
  • Topics, themes and matters that increase, or indicate the presence of, complexity, such as those relating to ownership of the entity, corporate governance arrangements of the entity, or policies, procedures or processes established by the entity.

The IAASB has also issued supplementary guidance on the authority of the ISA for LCE. That guidance explains that, as the standard does not address complex matters or circumstances, if it is used for an audit outside the scope set out in Part A of the standard, 'the auditor will not be able to obtain sufficient appropriate audit evidence to support an audit opinion.' The supplementary guidance also includes further illustrative characteristics that are commonly associated with an LCE and characteristics that are commonly not associated with an LCE.

Part A of the ISA for LCE also anticipates that legislative or regulatory authorities or relevant local bodies with standard setting authority will determine quantitative threshold(s) for use of the ISA for LCE in their respective jurisdictions. By way of example of thresholds that may be considered it refers to the European Commission's definition of a 'small enterprise' and the South African Department of Small Business Development's definition of 'small enterprise'. Neither of those jurisdictions have, however, adopted the standard for use.

Most 'small' companies in the UK are exempt from the requirement for statutory audit. The thresholds for a small company were recently revised and are a turnover of £15m or less, a balance sheet total of £7.5m or less and an average of 50 or fewer employees (a company qualifies as small if it satisfies at least two of the three thresholds). For comparison, the EC thresholds referred to in the ISA for LCE are a turnover of €10m or less, a balance sheet total of €10m and an average of less than 50 employees.

Paragraph P5 in the Preface to the ISA for LCE states 'If [the] standard is used for audit engagements other than those contemplated in Part A, the auditor is not permitted to represent compliance with the ISA for LCE in the auditor's report.'

The FRC does not believe that it would be appropriate to adopt the ISA for LCE for use on statutory audits, or voluntary audits that are intended to comply with standards equivalent to those for statutory audits. The reasons include:

  • Most of such entities are larger than the illustrative quantitative criteria the guidance in the ISA for LCE suggests might be appropriate as thresholds.
  • Comparatively few entities that are above the thresholds for exemption from statutory audit are likely to have the qualitative characteristics of an LCE described by the IAASB and for which the ISA for LCE has been designed to address.
  • Without firm criteria for the application of the ISA for LCE, judgement would be required for its use on a particular audit. This is likely to result in inconsistency of the auditing standards used for audits of some entities of similar sizes and nature which would be unhelpful for users of their audited financial statements. There would also be a risk that an audit could be commenced using the ISA for LCE but further information coming to light during the course of the audit revealing complexity that the ISA for LCE is not designed to address, resulting in a need to switch to an audit performed in compliance with the full suite of ISAs (UK). Such a necessary switch would potentially be costly for the audited entity. It also provides an incentive for practitioners to downplay or set aside any indications identified during an audit that the application of the ISA for LCE is inappropriate.
  • Firms would need to operate dual methodologies to undertake audits where it was determined the ISA for LCE could be applied and other audits where it could not. This would also be necessary to facilitate a transition from an ISA for LCE audit to an ISA (UK) audit should circumstances require after the commencement of the audit. The need for dual methodologies gives rise to concern about the time and costs to invest in and maintain both, including the creation of multiple sets of supporting materials and education and training programmes.
  • If some firms decided to undertake solely ISA for LCE audits, a split could emerge between those firms and firms that perform full ISA (UK) audits. This could impact the capabilities and opportunities of auditors and staff who only perform ISA for LCE audits, which might also create difficulties for recruiting trainees in such firms.
  • While there is some reduction in the number of requirements in the ISA for LCE compared to the full suite of ISAs (UK) – the IAASB having excluded requirements it determined would not be applicable for a less complex audit and modified the wording of some others – the main reduction arises from the elimination of application material. Requirements are supported by application material to encourage the consistent exercise of appropriate professional judgment in the application of the principles-based requirements. Without application material, there is a risk that differences in professional judgment will result in inconsistent application of the requirements. This gives rise to concerns on how the ISA for LCE can be applied consistently in a scalable and proportionate manner to a wide range of LCEs. Indeed, it creates concerns as to whether the ISA for LCE provides a sufficient basis for reasonable assurance on all audits for which it is applied.
  • While some requirements from the full ISAs have been eliminated or reworded, the ISA for LCE in essence would lead to an audit approach that could be derived from the proportionate application of the full ISAs.
  • There is also a risk that reporting the use of the ISA for LCE in the auditor's report (as is required by the standard) would create a perception of a lower quality audit.
  • The LCE standard supports the same reasonable assurance opinion as a full ISA audit, and as a result the work effort and the level of evidence required is also the same. The IAASB has also indicated that the ISA for LCE is not intended as a deregulatory measure. There are therefore no grounds to believe that adoption of the LCE standard would enable audits to be performed faster or with less resource.
  • The IAASB have stated their intention to revise the ISA for LCE after revisions to the ISAs, rather than at the same time. This could lead to significant short-term divergences between the LCE standard and a full ISA audit, placing doubt on equivalence between the two frameworks.

The FRC is aware that some other standard setting authorities have also expressed concerns, including some of those identified above, and decided not to adopt the ISA for LCE. These include authorities in Australia, Canada and South Africa. It also not anticipated that the ISA for LCE will be adapted for use in the USA. The FRC is not an outlier in believing that the potential benefits of the ISA for LCE are outweighed by the potential downsides.

Some respondents suggested that the ISA for LCE could be modified by the FRC to address concerns and enable its application in the UK. One respondent stated that 'The FRC is an autonomous standard setter and has the power to adapt the ISA for LCE as it thinks fit.' While the FRC is an autonomous standard setter, it does not have the power to adapt the ISA for LCE in a way that would fall below the standard required by the IAASB standard.

The IAASB has a guide for national standard setters who wish to make 'limited modifications' to its standards. That guide states:

"For the purposes of conformity under this policy, the NSS shall limit additions to an [international standard] to the following:

  1. National legal and regulatory requirements.
  2. Other requirements or guidance that are not inconsistent with the current requirements or guidance in the [international standard]."

The supplementary requirements and guidance that would need to be added to the ISA for LCE, for example to address certain areas of complexity that the ISA for LCE is not itself designed to address, would be inconsistent with the purpose and limited scope of the ISA for LCE. As noted above, the Preface to the ISA for LCE states: 'If [the] standard is used for audit engagements other than those contemplated in Part A, the auditor is not permitted to represent compliance with the ISA for LCE in the auditor's report.'

Any new UK specific standard would be unique and would not enable assertion of compliance with the ISA for LCE nor with the ISAs (UK). That could give rise to practical issues, for example for any audit that is required or otherwise expected to be compliant with recognised international auditing standards.

Accordingly, the FRC continues to be believe that the most appropriate approach is to maintain the requirement for statutory audits to be undertaken in compliance with ISAs (UK); and to provide support and guidance to assist the scalable and proportionate application of those standards to entities of all sizes and levels of complexity.

In response to the calls from respondents to this consultation for a public discussion on the merits of the ISA for LCE, the FRC will soon issue a Call for Views on this standard. This will invite stakeholders to identify the enhancements that might be made to the ISA for LCE to address the FRC's concerns, while recognising that the FRC has limited scope to modify the standard, other than through the addition of UK pluses. It will also provide an opportunity for stakeholders to articiulate the changes that they wish to see in the ISA for LCE that would make it fit for purpose in the UK audit market. The feedback received will help provide a basis for the FRC to engage with the IAASB and other national standard setters and regulators. The Call for Views is not intended to explore UK adoption of the ISA for LCE as it currently stands, or whether a revised version would be adopted.

Relevant ethical requirements

Some respondents commented on the FRC's ES. There was a suggestion it was too onerous for SMEs compared to the international code of ethics issued by the International Ethics Standards Board for Accountants (IESBA). A small number of respondents asked for guidance on how the ES requirements should be applied, including the provisions specific to audits of small entities set out in Section 6 of the ES, and consideration of the ethical impacts when the audited entity needs help from the auditor.

Guidance on the application of the ES is not within the scope of the PN, which is intended to help auditors apply the performance requirements of the ISAs (UK) in a proportionate manner. The FRC undertakes regular reviews of the ES, with the most recent revision taking place in 2024. It will take into consideration the comments received through this consultation when it next reviews the ES.

The ES was developed with the intent that it be no less stringent than the IESBA Code. The FRC is, however, aware that a limited number of the specific requirements in Part B of the ES are difficult for certain audit firms to comply with, particularly when auditing a small entity. Accordingly Section 6 establishes alternative provisions setting out certain dispensations that are appropriate to facilitate the cost-effective audit of the financial statements of small entities (as defined in Section 6) that are not public interest entities. The IESBA Code does not include equivalent dispensations.

The alternative provisions in Section 6 include, among others, conditional relief from applying safeguards to address a self-review threat when providing non-audit services to an audited entity; and conditional exemption from the prohibition on undertaking part of the role of management when undertaking non-audit services for an audited entity. These provisions are helpful for auditors who might be asked to provide certain types of help, that might otherwise be prohibited, to a small audit client. An audit firm that has taken advantage of the specified exemptions provided by Section 6 is required to disclose that fact in the auditor's report. The FRC intends to faciliate guidance for auditors to support auditors in applying these alternative provisions.

3. Impact Assessment

The issuance of Practice Note 28 'Guidance for audits of small and medium-sized entities' will not result in long-term incremental costs for business. The intent behind this guidance is to give practitioners the confidence to utilise the existing potential for scalable application of the ISAs (UK) and therefore deliver audits that are proportionate to the complexity of the entity while still retaining the same level of audit quality. The result should be a reduction in audit work in instances where auditors have not been scaling their work in response to identified risk in the most effective manner.

While this should result in time and cost savings where auditors have not been optimally scaling their work in response to risk, it is important to note that this is only one aspect of the regulatory ecosystem for audits of SMEs. This PN may not be sufficient in and of itself to have a significant impact on the cost of audit. Other related initiatives by the FRC are planned to ensure that the approaches set out in the PN are embedded in practice, and to deploy means other than formal guidance to support auditors to apply the ISAs (UK) in a scalable manner.

As PN 28 represents non-prescriptive guidance which does not modify the requirements of the ISAs (UK), there is no requirement for audit firms or third-party audit methodology providers to change their audit methodologies in response to new or modified auditing standards. However, the FRC does anticipate that there will be one-off costs associated with practitioners familiarising themselves with the PN. Revisions to audit methodologies to utilise the approaches described in PN 28 may also result in further non-recurring costs. However, the benefits from more scalable and proportionate application of the auditing standards will more than offset these short-term costs.

4. Appendix

Responses to the consultation can be found on the FRC Website.

List of respondents

  1. Association of Chartered Certified Accountants (ACCA)
  2. Association of Investment Companies
  3. Association of Practising Accountants
  4. Azets Audit Services Limited
  5. Chartered Accountants Ireland
  6. Caseware International Inc
  7. Crowe UK LLP
  8. Deloitte LLP
  9. Duncan & Toplis
  10. Forvis Mazars LLP
  11. Grant Thornton UK LLP
  12. Group A Firms
  13. HaysMac LLP
  14. Institute of Chartered Accountants in England and Wales (ICAEW)
  15. Institute of Chartered Accountants of Scotland (ICAS)
  16. KPMG LLP
  17. Kreston Global
  18. Mr Martyn Jones
  19. Mercia Group Limited
  20. Moore Kingston Smith LLP
  21. Price Bailey LLP
  22. Saffery LLP
  23. Society of Professional Accountants

Street view of a city with shops lining a cobblestone street, people walking, and a tall gothic church tower visible in the background.

Financial Reporting Council

London office:
13th Floor, 1 Harbour Exchange Square, London, E14 9GE

Birmingham office:
5th Floor, 3 Arena Central, Bridge Street, Birmingham, B1 2AX

+44 (0)20 7492 2300

www.frc.org.uk

Follow us on LinkedIn

File

Name Feedback Statement and Impact Assessment - Practice Note 28
Publication date 18 March 2026
Type Feedback paper
Format PDF, 1.2 MB
Download original
Back to top